General Feedback

Do you have an idea or suggestion based on your experience with Windows Server? We would love to hear it! Please take a few minutes to submit your idea in the one of the forums available on the right or vote up an idea submitted by another Windows Server customer. All of the feedback you share in these forums is monitored and reviewed by the Microsoft engineering teams responsible for building Windows Server. Suggestions can apply to both released and Technical Preview versions of Windows Server.

2. Requests for feature changes around the end-user experience, such as desktop shell, start menu, individual consumer apps, etc. must be provided through the Windows 10 Feedback Hub tool. We have no ownership of these types of non-Windows Server components.

3. This forum (General Feedback) is used for any broad feedback related to Windows Server. Feedback for specific areas like Storage, Networking, Virtualization, Nano Server, etc., should be provided in one of the forums available on the right. It is not for bug filings. If you find a bug with Windows Server please open a support case at https://support.microsoft.com and report it – these cases are free.

I work in a software company as a systems engineer for many years, and I always had a problem: "How do I track the status of all Windows servers that install, some of which are of primary importance that they are always very efficient and online?"
I started searching online, and actually there are several services which offer a monitoring system. But they all have the same problem, or are very confusing, or require the opening of some doors or cost absurd figures.
Then I began to search through the Windows Server tools, but nothing.

It was essential that it was simple, clear and clean.
So, I made a website, where I can monitor their status!
Servers sends information every X minutes to my web server.

I used all microsoft tools, Powershell to read important information and report data to the website and task scheduler to execute it. (Alarms include Server Offline, Ws Backup fail, Hdd space low, High cpu usage, high ram usage, raid degraded, hyper v replication failed and others)

So I wondered…

Why not integrate this service in Windows Server 2016 rules?
I could share it with microsoft if microsoft wants....

I work in a software company as a systems engineer for many years, and I always had a problem: "How do I track the status of all Windows servers that install, some of which are of primary importance that they are always very efficient and online?"
I started searching online, and actually there are several services which offer a monitoring system. But they all have the same problem, or are very confusing, or require the opening of some doors or cost absurd figures.
Then I began to search through the Windows Server tools, but nothing.

I've been experimenting with removing WOW64 support from servers. There have been several instances where I've had to reinstall it for operations that have very little to do with the actual server function. The most common scenario is installing MSIs like System Center agents. After the installation is complete I can remove WOW64 and the server operates perfectly. Why can't we just have a native x64 Windows Installer?

The Cmdlet Grant-VMConnectAccess provides a good service in that it allows you to grant Access to a VM to a specific user without giving them full access to ALL vm's and Network control on the machine. User's need VMConnect.exe to talk to VM's but it does not respect this change. Please update VMConnect.exe to respect and use this rights change. It should be able to talk directly to the VM if the rights are there and the machinename or Guid of the VM is targeted

if i open an computer object directly in the dsa.msc there is a tab called "Attribute Editor". If i open an object over the search function there is no tab "Attribute Editor". Bug or Feature? I can´t understand the sens of the difference.

Include Narrator or maybe a program on Windows 10 to allow configuration of a new server core installation over the same network. The problem is that I am a completely blind network systems engineer and I require access to Server core. Microsoft has made great increases in their accessibility on the client side but they have never considered the needs of blind technology professionals on the server side.I don't know how Narrator could be available directly on Server Core or if it could be some kind of add-on that worked over RDP or if there coud be some kidn of application for setting up a Windows Server core stack from Server Manager? I got remote logins working from Powershell but then none of the cmd scripts run correctly. Even if somehow the configuration could be passed over ssh. I don't know what the solution is but I and I'm sure other blind admins need this working. Accessibility and the legal requirements for compliance issues don't stop at the client.

Include Narrator or maybe a program on Windows 10 to allow configuration of a new server core installation over the same network. The problem is that I am a completely blind network systems engineer and I require access to Server core. Microsoft has made great increases in their accessibility on the client side but they have never considered the needs of blind technology professionals on the server side.I don't know how Narrator could be available directly on Server Core or if it could be some kind of add-on that worked over RDP or if there coud be some kidn of…

I believe it would help a lot of organizations if in-place upgrade of Windows Server to newer builds was fully supported. With the change of release schedule it would make it easier for smaller organizations and one-box setups to stay up to date.

I read in a computer magazin about an interesting software, and install this software on my computer. This is a normal process by many users.
Next time i test another software, and so on.....
The windows startmenu included a lot of old and new software, marked by the name of the software.
.. but when i´m looking for a software for a certain purpose and i dont no the name of the software, i had no chance to find the correct software. Otherwise i start the first software, than the next, ...
and may be, i find the correct software, that i need, or not.

I imagin, to see an info by mouseclick, when i click the software name or the shortcut on desktop. And this info is created by myself.

I think, this is interesting for many users.

And this information should be installed by microsoft and not by an
additional program by another sw developer.

software by microsoft ist top.

I read in a computer magazin about an interesting software, and install this software on my computer. This is a normal process by many users.
Next time i test another software, and so on.....
The windows startmenu included a lot of old and new software, marked by the name of the software.
.. but when i´m looking for a software for a certain purpose and i dont no the name of the software, i had no chance to find the correct software. Otherwise i start the first software, than the next, ...
and may be, i find the correct software,…

Hello,
a great little thing would be an option to anchor a window in the foreground.
For example watching a video or a website in foreground while working in a programm or in explorer.
Usually if you have 2 windows open and you click somewhere in the background window, it comes to the foreground and the other one is concealed.

SILA complements the built-in SIL. After tricking the setup to successfully install on a German server using an existing database (see my install localization bug report) another issue pops up.

Executing Sop-SilAggregator in PowerShell will result in a .Net SqlClient Data Provider InvalidOperation exception referring to conversion problems from nvarchar to datetime with the value being out-of-range (see screenshot with German error message).

This raises suspicion to be a German vs. US date format issue ("23.10.2017 22:44:00" German vs. "10/23/2017 10:44:00pm" US vs. "2017-10-23 22:44:00" ISO).

Assume you had an NT4 domain: OLD_DOMAIN
Migrating to AD you created a proper DNS domain: mydomain.net
Now you have a disjoint namespace (NetBIOS vs. AD DNS).

Trying to install SILA on a remote server (not the SQL server itself) will lead to the following error:

Microsoft.AnalysisServices.OperationException: Errors in the metadata manager. The 'Administrators' role includes domain account that does not exist. The following domain user account is no longer valid for this role: 'mydomain\SERVERNAME$'.
at Microsoft.AnalysisServices.AnalysisServicesClient.SendExecuteAndReadResponse(ImpactDetailCollection impacts, Boolean expectEmptyResults, Boolean throwIfError) at Microsoft.AnalysisServices.AnalysisServicesClient.Alter(IMajorObject obj, ObjectExpansion expansion, ImpactDetailCollection impact, Boolean allowCreate, XmlaWarningCollection warnings) at ...

It seems the developer(s) just split the leftmost part of the DNS domain name instead of properly handling/resolving NetBIOS vs. DNS name issues.

In the fictious example mydomain.net when creating an AD from scratch the assumption of MYDOMAIN for the NetBIOS name would be correct.

Assume you had an NT4 domain: OLD_DOMAIN
Migrating to AD you created a proper DNS domain: mydomain.net
Now you have a disjoint namespace (NetBIOS vs. AD DNS).

Trying to install SILA on a remote server (not the SQL server itself) will lead to the following error:

Microsoft.AnalysisServices.OperationException: Errors in the metadata manager. The 'Administrators' role includes domain account that does not exist. The following domain user account is no longer valid for this role: 'mydomain\SERVERNAME$'.
at Microsoft.AnalysisServices.AnalysisServicesClient.SendExecuteAndReadResponse(ImpactDetailCollection impacts,…

When I create a link to a cmd-script and enable the Option run as Administrator mostly it works fine.
But when the cmd-script is in a Folder with () in the Name the script didn't run after UAC Dialog.
Please fix this

Scope
The behavior below is the same for at least Server 2008 R2 & 2012 R2, both with Windows 7 workstation. I have not tested elsewhere.

Scenario
User has only traverse & permissions NTFS rights at root of share but full share-level permissions. User has full access to a subfolder of that folder. I set traverse-only at the parent level because:
1. I do not want users to be able to browse to the parent folder, even if they know the share name. Instead, I provide explicit shortcuts to applications in downline folders where users have read/write access.
2. There there is no need to disable inheritance for downline folders. I can make all rights additive at those lower levels. Since the only NTFS rights to the parent folder (which will be the root of a share) are traverse/permissions rights, and these will be required by anyone also need read/write to downline folders. I can just add read or read/write NTFS rights to downline folders by group.

Symptoms
The user can edit/copy/create/delete files from that full-rights subfolder when accessing it via its UNC path; however, when mapping a drive to the parent folder where the user's rights are traverse/permissions only, the user can still edit files in that subfolder but not create, copy from/to or delete from the subfolder via Windows Explorer; the user gets a "[DriveLetter] invalid/inaccessible" message. However, the user can create and delete files from the subfolder via command prompt, so we know the issue is not NTFS rights, but apparently the fact that Windows denies rights to create/delete/move files to/from the subfolder based on the rights at the parent level.

Here is how to duplicate

Setup
1. Create folder "Test" on any domain-member server.
2. Ensure "Everyone" group has either no rights, or at least only these rights, to "Test" folder: Traverse folder / execute file, Read attributes, Read extended attributes, and Read permissions
3. Assign Authenticated Users these rights to the "Test" folder: Traverse folder / execute file, Read attributes, Read extended attributes, and Read permissions
4. Create a subfolder like this: "Test\SubTest"
5. Assign Authenticated Users full rights to the "SubTest" folder only (not the "Test" parent)
6. Share "Test" folder as "TestShare" (the name is not important; I use TestShare here only to differentiate it from the actual folder name "Test")
7. Give Everyone share permissions Change and Read.
8. From a workstation, log on as a member of Domain Users that is NOT in Domain Admins or any other group having elevated rights to the Test folder (or downline) on the server housing the TestShare.
Test
1. Open Windows Explorer and paste this into address bar, using your own server name: \\[ServerName]\TestShare\SubTest. (Can also just do Window-R and paste that UNC path into run window, then press Enter).
2. This should open [ServerName]\TestShare\SubTest.
3. Copy a text file from the workstation (Copy/Paste or drag-and drop) to that folder. This should succeed.
4. Now map any drive letter to \\[ServerName]\TestShare, either by net use or right-click Computer/Network & Map Network Drive.
5. After the map completes, it will (correctly) generate an error indicating the driver letter is invalid. This is only because, once the drive is mapped, Windows Explorer then attempts to display the root, but the user has only the traverse-related rights above to the root. So ignore this error.
6. Instead, open Windows Explorer and paste this into address bar, using the driver letter just assigned: \\[DriveLetter]\SubTest.
7. This should open \\[DriveLetter]\SubTest, where you should see the first file you copied there previously.
8. Now try copying another file from the local computer to that subfolder. It should fail saying that [DriverLetter is invalid].
9. However, open the text file previously copied, make a change and save it, then re-open. You can see that you can change the file.
10.Open command prompt. Change to [DriveLetter], then dir to \SubTest. Enter dir > dri.txt. The text file is correctly created. Then del dir.txt. The text file is deleted. So the user retains full NTFS rights to the subfolder; it is only in the Windows Explorer environment that the user cannot copy to the subfolder when the parent is a drive letter instead of UNC path.

Further test
But now do this: map any drive letter to \\[ServerName]\TestShare\SubTest, either by net use or right-click Computer/Network & Map Network Drive. This should succeed. You can now copy files to/from the same folder via mapped drive--as long as the root of the mapped drive is an upline folder having at least List Folder Contents.

Conclusion:
1. You can copy to (or create in or delete from) the subfolder when accessing it via its UNC path, even when the user is invoking traverse-only rights at some higher level to get to the folder
2. This also works if you map the drive directly to the subfolder having full rights, even though this also invokes traverse-only rights to get to the folder.
3. This does not work if the mapped drive letter points to the traverse-only folder itself, even though all the same NTFS rights exist identically throughout all three scenarios and even though the user can open and edit files inside the subfolder when mapped this way.
Change required
Do not limit create/delete/move access within Windows Explorer by parent folder rights when user has additive rights to the subfolder.